For this reason, the MIAC Shadow Report summarizes and synthesizes the findings of the journalism and academic research on the MIAC. It also picks up where the journalism and scholarship left off, identifying new issues using BlueLeaks and documents released under open records laws that raise questions about the extent and scope of the MIAC’s surveillance powers and the impact of MIAC operations on vulnerable populations. The report also includes an independent analysis of the MIAC’s privacy policy and a recently available privacy audit that identifies and addresses omissions and deficiencies in MIAC’s privacy audit process. This work allows us to anticipate the limitations of the DPS report.

This report is a collaborative, grassroots research project. The writing team is small, ad-hoc group: Chris Cushing, a social worker; Michael LeComte, a privacy advocate and public interest technologist; Brendan McQuade, a University of Southern Maine professor and expert on fusion centers; Mark Sayre, a Maine Law student; and Maxine Secskas, a monitoring, evaluation, and learning professional. The Maine Democratic Socialists of America, Maine Association of Criminal Defense Lawyers, the Electronic Privacy Information Center (EPIC), Maine Youth Justice, Muslim Justice League, and The Church of Safe Injection endorse the findings and demands of the MIAC Shadow Report.2The main findings are as follows:

• The courts have not settled the allegations of the whistleblower complaint. THe courts dismissed counts concerning surveillance and illegal data retention on technicality and without addressing the substance of the allegations. The case may still go to trial, but the only counts still under consideration concern wrongful termination. It is possible the substantive claims could be re-litigated in an appeal, but this is not assured.
• The MIAC’s task force organization muddles command hierarchies, creates organizational confusion, and undermines accountability measures.
• The MIAC has drifted far from its original national security mission. It is preoccupied with traditional concerns of policing: the conventional crimes associated with poverty and powerlessness.
• The MIAC’s intelligence bulletins laundered right wing conspiracy theories about paid protesters and pre-staged bricks at the racial justice protests in the summer 2020 as intelligence and cited unconfirmed social media sources as evidence.
• The MIAC’s existing oversight mechanisms are flawed. The Advisory Board is made of individuals who are largely unaccountable to the public at large or who lack the necessary expertise to provide meaningful oversight.
• A review of past privacy audits and related BlueLeaks documents identified several documents, which appear to_violate the MIAC’s privacy policy, including the collection and dissemination of information related to constitutionally protected activities, and the failure to destroy information which no longer meets the necessary standard for use and retention by MIAC. These documents—and others potentially like them—can easily slip through the cracks of the MIAC’s flawed privacy audit process. The Advisory Board audits a random selection of documents and, as such, avoids scrutinizing many of the documents that pose the greatest risk to privacy and other civil liberties.
• Records released under open records laws suggest that the MIAC has a subscription to a private databroker, provides information on bankruptcies, liens, properties, corporate affiliations, and other information which is fully redacted and cannot be identified. This raises questions as to whether MIAC’s use of commercial databases violates its own privacy policy by allowing it to acquire information that it cannot legally acquire by itself.
• Although the MIAC has made efforts to be more transparent since May 2020, the center is still excessively secretive. The broad exemptions in the Freedom of Access Act make Maine’s open records law a limited tool and one that does not provide sufficient transparency.
• The full extent of the MIAC’s information systems and analytic capabilities remains unknown. In BlueLeaks, there is a request that a Scarborough police officer sent to the MIAC for help making a timeline from data extracted from cellphones using a phone hacking device sold by Cellebrite, the Israeli digital forensics firm. This incident raises questions about the extent and scope of the MIAC’s surveillance powers.
• The MIAC’s impact on vulnerable populations is unknown. There are at least 89 MIAC bulletins published in BlueLeaks that report on people with suicidal feelings, mental health issues, disabilities, and/or chronic illness. One of these concerns Joshua Hussey, an individual at risk of “suicide by cop” who was wanted for violation of a protection of abuse order. Despite MIAC intelligence that warned about this risk of “sucide by cop,” the Maine State Police sent their tactical team to bring the individual into custody in a 2 AM raid on the home of Hussey’s mother. In the subsequent confrontation, Hussey shot himself in the head and eventually died from the wound.
• The MIAC’s aggressive focus on substance use may exacerbate the problem and impede harm reduction efforts. BlueLeaks documents show that the Lewiston Police aggressively monitored Jesse Harvey, the founder of the Church Safe Injection. Harvey’s friends and colleagues cite this police harassment as the reason for his eventual relapse, overdose, and death. While we cannot confirm that the MIAC did anything with these bulletins other than receiving them from the Lewiston Police Department, the case of Jesse Harvey helps contextualize the MIAC’s other intelligence reporting on drug use, some of which are “rogue’s galleries” of people arrested for opioid possession that lack any discernible intelligence value and others include inaccurate and easily debunked claims that overstate the harm of illegal substances.

After nearly two years of controversy and debate around the Maine Information Analysis Center, there is a strong case to close the embattled spy center. The allegations of the whistleblower complaint, the abuse complaints against Minkowsky, the hyperfocus on the crimes of powerless and vulnerable populations, the shoddy and biased intelligence shared about the 2020 BLM protests, and the repeated failures of the MIAC to follow its own privacy policy set the issue in dramatic relief. The MIAC, like all fusion centers, is fundamentally flawed. The MIAC should be closed and any and all databases it has created should be destroyed. These actions would not negatively impact public safety. Indeed, there is reason to believe that the MIAC, as the nerve center of mass criminalization in Maine, is actually exacerbating social problems and negatively impacting public safety. The United States became the global leader in incarceration by treating all social problems as issues for the cops and courts. The MIAC, and other fusion centers, are part of this process. Fusion centers are the nerve system of mass criminalization. Defund the MIAC!
However, the State Legislature did not vote to close the MIAC and, instead, passed a first-in-the-nation bill that requires a fusion center to report to legislative authorities. This measure, while well-intended, is insufficient. Self-policing by the MIAC’s Advisory Board is an obvious conflict of interest. Our analysis of the MIAC privacy policy and audits shows that the Maine fusion center regularly violates its own privacy policy. It also exposes the privacy audit as a perfunctory exercise that fails to meet the full scale or scope of the privacy risks posed by the MIAC. The audits only consider MIAC intelligence bulletins; they do not assess its information systems and analytic capabilities.
Given the strict facial recognition regulations recently implemented in Maine, there is little doubt many Mainers would be equally concerned about private data brokers and software that can decrypt phones, analyze telephony metadata, and automatically monitor social media. This report proves that the MIAC uses some of the surveillance and intelligence systems or has used them in the past. What will we do in this present moment? Should this police surveillance and intelligence gathering continue in the future?
Even if the privacy audit was more rigorous, privacy protection is not the only issue posed by the MIAC’s operation. The MIAC’s monitoring of constitutionally protected speech and assembly needs to be thoroughly investigated, as do related questions regarding how the MIAC reviews the intelligence it disseminates and vets (or fails to vet) the claims made in those bulletins. Finally, the MIAC’s impact on vulnerable populations needs to be investigated and questioned. Does the MIAC have a measurable impact, positive or negative, on public safety issues related to mental illness, substance abuse, and homelessness? Should a secretive police intelligence center originally set up for counterterrorism really be part of the public response to these social problems?
The State Legislature needs to rise to the occasion and exercise oversight powers over the executive branch. Once again: Defund the MIAC! If the political will to revisit closing the fusion center is lacking, then the situation demands a thorough, open, and independent investigation. The allegations of the whistleblower complaint have not been settled by the courts or by journalists and scholars working from the outside. We need an independent investigation. Investigate and defund the MIAC!